AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 



1 1 . (Currently amended) A method for sharing a secure communication 

2 session with a client between a plurality of servers, comprising: 

3 receiving a message from the client at a first server in the plurality of 

4 servers, the message including a session identifier that identifies a secure 

5 communication session with the client; and 

6 if the session identifier does not correspond to an active secure 

7 communication session on the first server, establishing an active secure 

8 communication session with the client on the first server by, 

9 attempting to retrieve state information associated with the 

10 session identifier for an active secure communication session 

1 1 between the client and a second serve r from th e plurality of serv e rs 

12 by th e first s e r\^ e r, . wherein the state information is retrieved from 

1 3 a third server which is different from the client, wherein the state 

14 information includes a session encryption keys us e d to e ncrypt 

15 commimications associated with the active secure communication 

16 session between the client and the second server, wherein the first 

17 server is different from the second server, 

18 if the state information for the active secure communication 

19 session is retrieved, using the state information including the 

20 encryption keys to share the active secure communication session 

21 established between the client and the second server for subsequent 
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communications between the client and the first server without 
having to set up a new secure communication session between the 
client and the first server, wherein the state information is purged 
from the second server after the state information is retrieved by 
the first server, wh e rein sharing th e activ e s e cur e communication 
session allow^s a singl e SSL s e ssion to be simultan e ously shared by 
multiple serv^ e rs, and 

if the state information for the active secure communication 
session is not retrieved, communicating with the client to establish 
the active secure communication session with the client. 

2. (Original) The method of claim 1 , wherein attempting to retrieve the 
state information includes: 

attempting to use the session identifier to identify the second server in the 
plurality of servers that has an active secure communication session with the 
client that corresponds to the session identifier; and 

attempting to retrieve the state information from the second server. 

3. (Original) The method of claim 1, wherein attempting to retrieve the 
state information involves attempting to retrieve the state information from a 
centralized repository that is in communication with the plurality of servers. 

4. (Original) The method of claim 3, wherein the centralized repository 
includes a database for storing the state information. 

5. (Canceled). 
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1 6. (Currently amended) The method of claim 1, wherein the state 

2 information includes: 

3 a s e ssion e ncryption k e y for th e s e cur e communication s e ssion; 

4 the session identifier for the secure communication session; and 

5 a running message digest for the secure communication session. 

1 7. (Original) The method of claim 6, further comprising: 

2 using the message to update the running message digest; and 

3 checkpointing the updated running message digest to a location outside of 

4 the first server. 

1 8. (Canceled). 

1 9. (Original) The method of claim 1, further comprising initially 

2 establishing an active secure communication session between the client and the 

3 second server, the active secure communication session being identified by the 

4 session identifier. 

1 10. (Original) The method of claim 1, wherein attempting to retrieve the 

2 state information includes authenticating and authorizing the first server. 

1 11-12 (Canceled). 

1 13. (Currently amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for sharing a secure communication session with a client between a 

4 plurality of servers, the method comprising: 
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5 receiving a message from the client at a first server in the plurality of 

6 servers, the message including a session identifier that identifies a secure 

7 communication session with the client; and 

8 if the session identifier does not correspond to an active secure 

9 communication session on the first server, establishing an active secure 

1 0 communication session with the client on the first server by, 

1 1 attempting to retrieve state information associated with the 

12 session identifier for an active secure communication session 

1 3 between the client and a second serve r, wherein the state 

14 infomiation is retrieved from a third server which is different from 

15 the client, from th e plurality of sei-v e rs by the first s e r\^ e r, wherein 

1 6 the state information includes a session encryption keys associated 

17 with the active secure communication session u s ed to encr>pt 

1 8 communications between the client and the second server, wherein 

1 9 the first server is different from the second server, 

20 if the state information for the active secure communication 

21 session is retrieved, using the state information including the 

22 encryption keys to share the active secure communication session 

23 established between the client and the second server for subsequent 

24 communications between the client and the first server without 

25 having to set up a new secure communication session between the 

26 client and the first server, wherein th e stat e infonnation is pui'g e d 

27 from the s e cond server after the s tate information is retri e ved by 

28 th e first s e rv e r, wherein sharing the active secure communication 

29 s e ssion allows a single SSL session to be simultaneously s har e d by 

30 multiple servers, and 
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3 1 if the state information for the active secure communication 

32 session is not retrieved, communicating with the client to estabUsh 

33 the active secure communication session with the cHent. 

1 14. (Original) The computer-readable storage medium of claim 13, 

2 wherein attempting to retrieve the state information includes: 

3 attempting to use the session identifier to identify the second server in the 

4 plurality of servers that has an active secure communication session with the 

5 client that corresponds to the session identifier; and 

6 attempting to retrieve the state information from the second server. 

1 15. (Original) The computer-readable storage medium of claim 13, 

2 wherein attempting to retrieve the state information involves attempting to 

3 retrieve the state information from a centralized repository that is in 

4 conmiunication with the plurality of servers. 

1 16. (Original) The computer-readable storage medium of claim 15, 

2 wherein the centralized repository includes a database for storing the state 

3 information. 

1 17. (Canceled). 

1 18. (Currently amended) The computer-readable storage medium of claim 

2 13, wherein the state information includes: 

3 a s e ssion e ncryption key for th e s e cur e communication s e ssion; 

4 the session identifier for the secure communication session; and 

5 a running message digest for the secure communication session. 
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1 19. (Original) The computer-readable storage medium of claim 18, 

2 wherein the method further comprises: 

3 using the message to update the running message digest; and 

4 checkpointing the updated running message digest to a location outside of 

5 the first server. 

1 20. (Canceled). 

1 21. (Original) The computer-readable storage medium of claim 13, 

2 wherein the method further comprises initially establishing an active secure 

3 communication session between the client and the second server, the active secure 

4 communication session being identified by the session identifier. 

1 22. (Original) The computer-readable storage medium of claim 13, 

2 wherein attempting to retrieve the state information includes authenticating and 

3 authorizing the first server. 

1 23-24 (Canceled). 

1 25. (Currently amended) An apparatus that shares a secure communication 

2 session with a client between a plurality of servers, comprising: 

3 a receiving mechanism, at a first server in the plurality of servers, that 

4 receives a message from the client, the message including a session identifier that 

5 identifies a secure communication session wdth the client; 

6 an examination mechanism that examines the session identifier; and 

7 a session initialization mechanism, on the first server, wherein if the 

8 session identifier does not correspond to an active secure communication session 
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9 on the first server, the session initialization mechanism is configured to establish 

10 an active secure communication session with the client by, 

1 1 attempting to retrieve state information associated with the 

12 session identifier for an active secure communication session 

1 3 between the client and a second server , wherein the state 

14 information is retrieved from a third server which is different from 

1 5 the client, from the plurality of servers by the first ser\^en wherein 

1 6 the state information includes a session encryption keye associated 

17 with the active secure coinmunication session used to encrypt 

1 8 communications between the client and the second server, wherein 

19 the first server is different from the second server, 

20 if the state information for the active secure communication 

21 session is retrieved, using the state information including the 

22 encryption keys to share the active secure communication session 

23 established between the client and the second server for subsequent 

24 communications between the client and the first server without 

25 having to set up a new secure communication session between the 

26 client and the first server, wherein the state infomiation is purged 

27 from the s e cond serv e r after the stat e information is retri e ved by 

28 the fir s t s e r\ - ^ e r, wh e r e in sharing th e activ e s e cur e communication 

29 s e ssion allows a single SSL s e s s ion to b e simultan e ously shar e d by 

30 multipl e s e rvers, and 

3 1 if the state information for the active secure communication 

32 session is not retrieved, communicating with the client to establish 

33 the active secure communication session with the client. 

1 26. (Original) The apparatus of claim 25, wherein the session initialization 

2 mechanism is configured to attempt to retrieve the state information by: 
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3 attempting to use the session identifier to identify the second server in the 

4 plurality of servers that has an active secure communication session with the 

5 client that corresponds to the session identifier; and 

6 attempting to retrieve the state information firom the second server. 

1 27. (Original) The apparatus of claim 25, wherein the session initialization 

2 mechanism is configured to attempt to retrieve the state information by attempting 

3 to retrieve the state information fi*om a centralized repository that is in 

4 communication with the plurality of servers. 

1 28. (Original) The apparatus of claim 27, wherein the centralized 

2 repository includes a database for storing the state information. 

1 29. (Canceled). 

1 30. (Currently amended) The apparatus of claim 25, wherein the state 

2 information includes: 

3 a s e ssion e ncryption k e y for th e s e cur e communication s e ssion; 

4 the session identifier for the secure communication session; and 

5 a running message digest for the secure communication session. 

1 31. (Original) The apparatus of claim 30, fiirther comprising an updating 

2 mechanism that is configured to: 

3 use the message to update the running message digest; and to 

4 checkpoint the updated running message digest to a location outside of the 

5 first server. 

1 32. (Canceled). 
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1 33. (Original) The apparatus of claim 25, wherein the session initialization 

2 mechanism is configured to authenticate and authorize the first server prior to 

3 receiving the state information. 

1 34-35 (Canceled). 
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